<?php
//
// +----------------------------------------------------------------------+
// |zen-cart Open Source E-commerce                                       |
// +----------------------------------------------------------------------+
// | Copyright (c) 2003 The zen-cart developers                           |
// |                                                                      |
// | http://www.zen-cart.com/index.php                                    |
// |                                                                      |
// | Portions Copyright (c) 2003 osCommerce                               |
// +----------------------------------------------------------------------+
// | This source file is subject to version 2.0 of the GPL license,       |
// | that is bundled with this package in the file LICENSE, and is        |
// | available through the world-wide-web at the following url:           |
// | http://www.zen-cart.com/license/2_0.txt.                             |
// +----------------------------------------------------------------------+
//  Author: dyzon.com lee
//
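  require('includes/application_top.php');

  // Admin helper: when called with ?action=save, insert a hand-written review
  // (one row in TABLE_REVIEWS plus its text in TABLE_REVIEWS_DESCRIPTION) for an
  // existing product, then redirect back to the empty form.
  //
  // NOTE(review): this file performs no login, permission or form-token (CSRF)
  // check of its own; presumably includes/application_top.php enforces them for
  // every admin page - confirm before deploying this add-on.
  if (isset($_GET['action']) && ($_GET['action'] == 'save'))  {

      // Read every field with a default so that a partial or hand-crafted POST
      // cannot raise undefined-index notices. Integer fields are cast here and
      // again where they are placed into SQL.
      $rating        = intval(zen_db_prepare_input(isset($_POST['reviews_rating']) ? $_POST['reviews_rating'] : 0));
      $review_name   = zen_db_prepare_input(isset($_POST['review_name']) ? $_POST['review_name'] : '');
      $review_text   = zen_db_prepare_input(isset($_POST['review_text']) ? $_POST['review_text'] : '');
      $date_added    = zen_db_prepare_input(isset($_POST['date_added']) ? $_POST['date_added'] : '');
      $products_id   = intval(zen_db_prepare_input(isset($_POST['products_id']) ? $_POST['products_id'] : 0));
      $review_status = intval(zen_db_prepare_input(isset($_POST['review_status']) ? $_POST['review_status'] : 0));

      // The form only offers ratings 1-5 and status 0/1; keep stored values
      // inside those ranges even if the request was built by hand.
      $rating        = max(1, min(5, $rating));
      $review_status = ($review_status == 1) ? 1 : 0;

      // Normalise the date to a fixed 'Y-m-d H:i:s' string. An empty or
      // unparseable value falls back to the current time, matching the form's
      // "Default:now" hint. (-1 is the failure value of very old PHP versions.)
      $timestamp = strtotime($date_added);
      if ($timestamp === false || $timestamp === -1) {
          $timestamp = time();
      }
      $date_added = date('Y-m-d H:i:s', $timestamp);

      // Refuse to create a review for a product id that does not exist.
      $sql = " select products_id from " . TABLE_PRODUCTS . " where products_id=" . (int)$products_id;
      $product_info = $db->Execute($sql);
      if (!$product_info->RecordCount())
      {
          echo "<script>alert('Product no exist');history.back();</script>";
          die();
      }

      // Strings go through zen_db_input(); integers are cast. customers_id is
      // fixed to 0 because the review is not tied to a customer account.
      // NOTE(review): customers_name and reviews_text are stored as entered;
      // whichever page later displays them must HTML-encode them on output.
      $sql = "INSERT INTO " . TABLE_REVIEWS . " (products_id, customers_id, customers_name, reviews_rating, date_added, status)
            VALUES (" . (int)$products_id . ", 0,'" . zen_db_input($review_name) . "', " . (int)$rating . ",'" . zen_db_input($date_added) . "'," . (int)$review_status . " )";
      $db->Execute($sql);

      // Cast the generated key before it is interpolated, and stop if the first
      // insert produced no row, so no description is written for reviews_id 0.
      $insert_id = (int)$db->Insert_ID();
      if ($insert_id <= 0)
      {
          echo "<script>alert('Review could not be saved');history.back();</script>";
          die();
      }

      $sql = "INSERT INTO " . TABLE_REVIEWS_DESCRIPTION . " (reviews_id, languages_id, reviews_text)
            VALUES (" . $insert_id . "," . (int)$_SESSION['languages_id'] . ",'" . zen_db_input($review_text) . "')";
      $db->Execute($sql);

      echo "<script>alert('Success');location.href='?';</script>";
      die();

  }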
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<link rel="stylesheet" type="text/css" href="includes/cssjsmenuhover.css" media="all" id="hoverJS">
<script language="javascript" src="includes/menu.js"></script>
<script language="javascript" src="includes/general.js"></script>
<script type="text/javascript">
  <!--
  /**
   * Body onload handler: builds the 'navbar' menu through cssjsmenu() and then,
   * where the browser supports getElementById, disables the element whose id
   * is 'hoverJS'.
   */
  function init() {
    cssjsmenu('navbar');

    // Feature test kept from the original: without getElementById there is
    // nothing further to do.
    if (!document.getElementById) {
      return;
    }

    var hoverSheet = document.getElementById('hoverJS');
    hoverSheet.disabled = true;
  }
  // -->
</script>
</head>
<body onLoad="init()">
  <!-- header //-->
  <?php require(DIR_WS_INCLUDES . 'header.php'); ?>
  <!-- header_eof //-->
  
  <!-- body //-->
<table width="100%" cellspacing="0" cellpadding="0" border="0">
          <tbody><tr>
            <td class="pageHeading">Fast writing reviews</td>
            <td align="right" class="pageHeading"><img width="57" height="40" border="0" alt="" src="images/pixel_trans.gif"></td>
          </tr>
        </tbody></table>
<?php echo zen_draw_form('reviewform', "writereviews.php?action=save", '', 'post'); ?>
  <table width="794" border="1" align="center" cellpadding="2" cellspacing="0" bordercolor="#CCCCCC" style="border-collapse:collapse">
    <tr>
      <td height="22" colspan="2" align="center" bgcolor="#EFEFEF">Fast writing reviews <a href="reviews.php" target="_blank">Show All reviews</a> </td>
    </tr>
    <tr>
      <td width="134">ProductID:</td>
      <td width="660"><input name="products_id" type="text" id="products_id" size="10" maxlength="10">
      Product id from the product info URL, e.g. &quot;*-p-<font color=red>1009</font>.html&quot; (the number shown in red). </td>
    </tr>
    <tr>
      <td>Reviews Name:</td>
      <td><input name="review_name" type="text" id="review_name" size="30" maxlength="50"></td>
    </tr>
    <tr>
      <td>Status:</td>
      <td><input name="review_status" type="radio" value="1" checked>
        Enabled
          <input type="radio" name="review_status" value="0">
      Disabled</td>
    </tr>
    <tr>
      <td>Dateadd:</td>
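      <td><input name="date_added" value="<?php /* 'i' is minutes; the former 'n' printed the month number in the minutes position */ echo date('Y-m-d H:i:s'); ?>" type="text"> 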
        Default:now </td>
    </tr>
    <tr>
      <td>Reviews</td>
      <td><textarea name="review_text" wrap="soft" cols="70" rows="15"></textarea></td>
    </tr>
    <tr>
      <td>Rating:</td>
      <td>BAD
        <input name="reviews_rating" value="1" type="radio">
          <input name="reviews_rating" value="2" type="radio">
          <input name="reviews_rating" value="3" type="radio">
          <input name="reviews_rating" value="4" type="radio">
          <input name="reviews_rating" value="5" checked="checked" type="radio">
        GOOD</td>
    </tr>
    <tr>
      <td colspan="2" align="center"><input type="submit" name="Submit" value="Submit"> 
        <input type="reset" name="Submit" value="Reset"></td>
    </tr>
  </table>
  <div align="center">Powered by <a href="http://www.dyzon.com" target="_blank">dyzon.com</a> lee</div>
    </form>
    <!-- footer //-->
    <?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
    <!-- footer_eof //-->
    <br>
  
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>